Who is Participating?

Now, if the recipient knows the good part is just, in this case, two bytes, and the cracker doesn't, padding with randomized instances of the plain text (e.g., abbbabaa) would make the crackers life a tad more difficult.

<justthinkingoutloud>
I wonder if you'd have the same problem with something like:

taking the stream in chunks of password length (padded if needed):

a <- chunk XOR password
a <- leftcircularshift(a,1)

a <- ak XOR password
a <- leftcircularshift(a,1)

a <- ak XOR password
a <- leftcircularshift(a,1)

with the decrypt being:

a <- rightcircularshift(chunk,1)
a <- a XOR password

a <- rightcircularshift(a,1)
a <- a XOR password

a <- rightcircularshift(a,1)
a <- a XOR password
</justthinkingoutloud>

If the text to be encrypted is shorter than the key, why not pad the text out?

Or, consider the following. So short a piece of plain text, in and of itself, should never carry much import, as a brute force and ignorance attack is quickly successful. For example, not even the greenest security officer would every condone such a short, say, password for even the least userid.